Privacy Policy

1. Introduction

BizNuma ("we", "us", "our", or "Platform") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our B2B inventory platform.

By using BizNuma, you agree to the collection and use of information in accordance with this Privacy Policy. If you do not agree with our policies and practices, please do not use the Platform.

2. Information We Collect

2.1 Information You Provide

Account Information: When you register, we collect:

• Email address
• Phone number
• Password (encrypted)
• Full name

Business Profile Information: When you create a business profile:

• Business name and username (@username)
• Business type (wholesaler, retailer, manufacturer, etc.)
• Business address, city, state, postal code
• Business phone and email
• PAN number, GSTIN (if provided)
• Business verification documents (if submitted)

Company Information: If you add multiple companies (GST entities):

• Company name and GSTIN
• Registered address and contact information
• PAN number and other tax identification

Product Information: When you add products:

• Product names, descriptions, categories
• Pricing information (multiple price types)
• Stock quantities and SKU codes
• Product images and specifications
• HSN codes and GST percentages

Customer Information: When you manage customers:

• Customer business names and contact details
• Addresses and GSTIN (if provided)
• Credit limits and payment terms

Transaction Data:

• Network orders placed between connected businesses (order details, items, quantities, notes)
• Invoice and estimation data (if you use these features)
• Important: We do NOT collect or process payment information. All payments happen directly between businesses outside our Platform.

Communication Data:

• Messages, inquiries, and correspondence with us or other users
• Support tickets and feedback
• Notes added to connections or orders

2.2 Automatically Collected Information

Usage Data:

• Pages visited, features used, time spent
• Search queries and filter preferences
• Clicks, interactions, and navigation patterns
• Product views and connection activity

Device & Technical Information:

• IP address and approximate location (city/country)
• Device type, operating system, browser type
• Screen size and device identifiers
• Cookies and similar tracking technologies

Log Data:

• Access times and dates
• Error logs and diagnostic data
• Server logs and performance metrics

2.3 Information From Third Parties

OAuth Login Providers: If you sign up using Google or other OAuth providers, we receive:

• Email address
• Name
• Profile picture (optional)
• Unique identifier from the provider

3. How We Use Your Information

We use collected information for the following purposes:

3.1 Provide & Improve the Service

• Create and manage your account and business profile
• Enable connections between businesses via username lookup
• Display your products to businesses you've connected with
• Process network orders and facilitate communication
• Generate invoices and estimations (if you use features)
• Provide customer support and respond to inquiries
• Improve Platform functionality and user experience
• Develop new features and capabilities

3.2 Personalization & Analytics

• Customize your experience and recommendations
• Analyze usage patterns and trends
• Track Platform performance and reliability
• Understand how features are used
• Measure effectiveness of improvements

3.3 Communication

• Send transactional emails (order confirmations, account updates)
• Notify you of new connections and network activity
• Send security alerts and important notices
• Provide customer support and respond to your requests
• Send optional marketing communications (you can opt out)

3.4 Security & Compliance

• Detect, prevent, and address fraud and abuse
• Enforce our Terms of Service and policies
• Comply with legal obligations and regulations
• Protect rights, property, and safety of users
• Investigate suspicious activity

3.5 Subscription Management

• Process subscription plans and feature access
• Track usage limits and restrictions
• Send billing reminders and renewal notices
• Note: We do NOT handle product payment processing between businesses

4. How We Share Your Information

We do NOT sell your personal or business data to third parties. We only share information in the following limited circumstances:

4.1 With Your Connected Businesses

When you connect with another business on BizNuma:

• They can see information you've chosen to share (based on your access control settings)
• Your business name, username, and basic profile information
• Products, prices, and stock levels (as per your permissions)
• This is the core functionality of our connection-based network

4.2 With Service Providers

We work with third-party service providers who help us operate the Platform:

• Cloud hosting and storage providers (AWS, DigitalOcean, etc.)
• Analytics services (Google Analytics - anonymized data)
• Email service providers (for transactional emails)
• Customer support tools
• These providers are contractually obligated to protect your data

4.3 For Legal Reasons

We may disclose information if required to:

• Comply with legal obligations or court orders
• Respond to lawful requests from authorities
• Enforce our Terms of Service
• Protect our rights, property, or safety
• Prevent fraud, abuse, or illegal activity

4.4 Business Transfers

If BizNuma is involved in a merger, acquisition, or sale of assets, your information may be transferred. We will notify you before your information becomes subject to a different privacy policy.

4.5 With Your Consent

We may share information with third parties when you explicitly consent or direct us to do so.

5. Data Security

We implement reasonable security measures to protect your information from unauthorized access, alteration, disclosure, or destruction:

5.1 Technical Safeguards

• SSL/TLS encryption for data in transit
• Password hashing and encryption
• Regular security updates and patches
• Secure cloud infrastructure with reputable providers
• Access controls and authentication mechanisms
• Regular backups and disaster recovery procedures

5.2 Organizational Safeguards

• Limited employee access to personal data
• Confidentiality agreements with staff and contractors
• Security training and awareness programs
• Incident response procedures

5.3 Your Responsibility

While we take security seriously, no system is 100% secure. You are responsible for:

• Maintaining the confidentiality of your password
• Using a strong, unique password
• Logging out after using shared or public computers
• Reporting any unauthorized access immediately

6. Data Retention

We retain your information for as long as necessary to provide our Service and comply with legal obligations:

6.1 Active Accounts

• Account data: Retained while account is active
• Product listings: Retained until you delete them or close your account
• Order history: Retained for up to 7 years for tax and legal compliance
• Communication logs: Retained for up to 2 years for support purposes

6.2 Deleted Accounts

When you delete your account:

• Most data is deleted within 30 days of account closure
• Some data may be retained for legal, tax, or security purposes
• Anonymized analytics data may be retained indefinitely
• Backup copies may persist for up to 90 days before permanent deletion

6.3 Legal Obligations

We may retain certain information longer if required by law, to resolve disputes, enforce agreements, or prevent fraud.

7. Your Privacy Rights

Depending on your location, you may have the following rights:

7.1 Access & Portability

• Request a copy of your personal data
• Download your data in a structured, machine-readable format
• Access your account information anytime in settings

7.2 Correction & Update

• Update your account and business information
• Correct inaccurate or incomplete data
• Most updates can be made directly in your settings

7.3 Deletion

• Request deletion of your account and data
• Use the "Delete Account" feature in settings or contact support
• Note: Some data may be retained for legal compliance (see Data Retention)

7.4 Restriction & Objection

• Object to processing of your data for certain purposes
• Restrict how we use your data in specific circumstances
• Opt out of marketing communications anytime

7.5 Withdraw Consent

• Withdraw consent for data processing that requires consent
• Note: Withdrawal won't affect lawfulness of processing before withdrawal

7.6 How to Exercise Your Rights

To exercise any of these rights, you can:

• Use the privacy controls in your account settings
• Contact us at privacy@biznuma.com
• Submit a request through our support portal

We will respond to your request within 30 days. We may ask for verification of your identity before processing your request.

8. Cookies & Tracking Technologies

We use cookies and similar technologies to improve your experience:

8.1 Types of Cookies

• Essential Cookies: Required for Platform functionality (login, security)
• Analytics Cookies: Help us understand how you use the Platform
• Preference Cookies: Remember your settings and preferences
• Functional Cookies: Enable enhanced features and personalization

8.2 Managing Cookies

You can control cookies through:

• Your browser settings (block or delete cookies)
• Our cookie preference center (if available)
• Opt-out links for analytics providers

Note: Blocking essential cookies may impact Platform functionality.

9. Third-Party Services & Links

The Platform may contain links to third-party websites or services:

• We are not responsible for third-party privacy practices
• Third-party sites have their own privacy policies
• We encourage you to review their privacy policies
• Your use of third-party services is at your own risk

9.1 Current Third-Party Services

• Google OAuth: For login authentication
• AWS S3: For secure file storage
• Google Analytics: For usage analytics (anonymized)

10. Children's Privacy

BizNuma is not intended for use by individuals under 18 years of age. We do not knowingly collect information from children. If you believe we have inadvertently collected information from a minor, please contact us immediately, and we will delete it.

11. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. These countries may have different data protection laws.

When we transfer data internationally, we implement appropriate safeguards such as standard contractual clauses, adequacy decisions, or other legally recognized transfer mechanisms to protect your information.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect:

• Changes in our practices
• New features or services
• Legal or regulatory requirements
• User feedback

When we make material changes, we will:

• Update the "Last Updated" date at the top
• Notify you via email or Platform notification
• Request your consent if required by law

Your continued use of the Platform after changes are posted constitutes acceptance of the updated Privacy Policy.

13. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

14. Regulatory Compliance

14.1 GDPR (European Users)

If you are located in the European Economic Area (EEA), you have additional rights under GDPR, including:

• Right to be forgotten
• Right to data portability
• Right to object to automated decision-making
• Right to lodge a complaint with supervisory authority

14.2 CCPA (California Users)

If you are a California resident, you have rights under CCPA, including:

• Right to know what personal information is collected
• Right to delete personal information
• Right to opt-out of sale of personal information
• Right to non-discrimination for exercising your rights

Important: We do NOT sell your personal information to third parties.